Overview

This class teaches attendees a wealth of hacking techniques to compromise modern-day web
applications, APIs and associated end-points. The class focuses on specific areas of appsec and
on advanced vulnerability identification and exploitation techniques (especially server-side
flaws). It allows attendees to learn and practice some neat, new and ridiculous hacks which
affected real-life products and have found a mention in real bug-bounty programs. The
vulnerabilities selected for the class either typically go undetected by modern scanners or have
exploitation techniques that are not so well known. Attendees will also benefit from a
state-of-the-art Hacklab where they can practice the challenges.

Who should take this course

Student requirements

Students must bring their own laptop and have admin/root access on it. The laptop should have at
least 4 GB RAM and 20 GB of free disk space and a working copy of the latest Kali operating
system. Kali OS should be run inside a virtual machine (e.g. VMware Workstation/Fusion/Player or
VirtualBox).

What students will be provided with

Access to a hacking lab not just during the course but for 15 days after the class too. This
gives them plenty of time to practice the concepts taught in the class. Numerous scripts and
tools will also be provided during the training, along with student handouts.

Dhruv Shah is an information security professional working as a Principal
Security Consultant at NotSoSecure. He has 7+ years of experience in
application, mobile and network security. He has co-authored the book 'Kali
Linux Intrusion and Exploitation' by Packtpub. His work can be found on
security-geek.in. He is also a trainer of NotSoSecure's much acclaimed
advanced web hacking class and has been a trainer at several leading public
conferences such as Black Hat USA and Europe. He has provided security
training to various clients in the UK, EU and USA via corporate training

This hands-on training teaches the concepts, tools, and techniques to analyze, investigate and
hunt malware by combining two powerful techniques: malware analysis and memory forensics. The
course introduces attendees to the basics of malware analysis, reverse engineering, Windows
internals and memory forensics; it then gradually progresses into more advanced concepts of
malware analysis and memory forensics. Attendees will learn to perform static, dynamic, code and
memory analysis. The course consists of scenario-based hands-on labs after each module, which
involve analyzing real-world malware samples and infected memory images (crimeware, APT
malware, fileless malware, rootkits, etc.). This hands-on training is designed to help attendees
gain a better understanding of the subject in a short span. Throughout the course, the attendees
will learn the latest techniques used by adversaries to compromise and persist on the
system. The training also demonstrates how to integrate the malware analysis and forensics
techniques into a custom sandbox to automate the analysis of malicious code. After taking this
course, attendees will be better equipped with the skills to analyze, investigate and respond to
malware-related incidents.

The training provides practical guidance and attendees should walk away with the following
skills:

How malware and Windows internals work

How to create a safe and isolated lab environment for malware analysis

What are the techniques and tools to perform malware analysis

How to perform static analysis to determine the metadata associated with malware

How to perform dynamic analysis of the malware to determine its interaction with process,
file system, registry and network

How to perform code analysis to determine the malware functionality

How to debug malware using tools like IDA Pro, OllyDbg/Immunity Debugger/x64dbg

Windows operating system (preferably Windows 7 64-bit; Windows 8 and above versions are also
fine) installed inside VMware Workstation/Fusion. You must have full administrator
access for the Windows operating system installed inside VMware Workstation/Fusion.

Note: VMware Player or VirtualBox is not suitable for this training. The lab setup guide will be
sent to you after registration.

About the Trainer

Monnappa K A works for Cisco Systems as an information security investigator
focusing on threat intelligence, investigation, and research of cyber
espionage and advanced cyber attacks. He is the author of the best-selling
book “Learning Malware Analysis” and a member of the Black Hat review
board. He is the creator of the Limon Linux sandbox and winner of the Volatility
plugin contest 2016. He is the co-founder of the cybersecurity research
community “Cysinfo” (https://www.cysinfo.com).
His fields of interest include malware analysis, reverse engineering, memory
forensics, and threat intelligence.

He has presented at various security conferences including Black
Hat, FIRST, SEC-T, 4SICS-SCADA/ICS summit, DSCI, National Cyber Defence
Summit and Cysinfo meetings on various topics which include memory
forensics, malware analysis, reverse engineering, and rootkit analysis. He
has conducted training sessions at Black Hat, BruCON, OPCDE, FIRST (Forum of
Incident Response and Security Teams), SEC-T and 4SICS-SCADA/ICS cyber
security summit. He has also authored various articles in eForensics and
Hakin9 magazines. You can find some of his contributions to the community on
his YouTube channel (http://www.youtube.com/c/MonnappaKA)
and you can read his blog posts at https://cysinfo.com. Twitter: @monnappa22